rupadana / filament-api-service
A simple api service for supporting filamentphp
Fund package maintenance!
rupadana
Requires
- php: ^8.1
- filament/filament: ^3.2
- illuminate/contracts: ^10.0|^11.0
- laravel/framework: ^10.10|^11.0
- laravel/sanctum: ^3.2|^4.0
- spatie/laravel-package-tools: ^1.14.0
- spatie/laravel-query-builder: ^5.3|^6.2
Requires (Dev)
- laravel/pint: ^1.0
- nunomaduro/collision: ^7.9|^8.0
- orchestra/testbench: ^8.0|^9.0
- pestphp/pest: ^2.0
- pestphp/pest-plugin-arch: ^2.0
- pestphp/pest-plugin-laravel: ^2.0
- phpunit/phpunit: ^10.0.17|^10.5
- dev-main
- v4.x-dev
- 3.3.2
- 3.3.1
- 3.3.0
- 3.2.4
- 3.2.3
- 3.2.2
- 3.2.1
- 3.2.0
- 3.1.4
- 3.1.3
- 3.1.2
- 3.1.1
- 3.1.0
- 3.0.10
- 3.0.9
- 3.0.8
- 3.0.7
- 3.0.6
- 3.0.5
- 3.0.4
- 3.0.3
- 3.0.2
- 3.0.1
- 3.0.0
- v1.0.3
- v1.0.2
- v1.0.1
- 1.0.0.x-dev
- v1.0.0
- dev-bump-spatie-query
- dev-dev
- dev-dependabot/github_actions/tsickert/discord-webhook-6.0.0
- dev-laravel-11
- dev-tenancy-support
- dev-feature-tenantAware
- dev-feat-autodetect-routes
This package is auto-updated.
Last update: 2024-10-23 13:34:22 UTC
README
A simple API service for supporting FilamentPHP
Installation
You can install the package via composer:
composer require rupadana/filament-api-service
Register it to your filament Provider
use Rupadana\ApiService\ApiServicePlugin; $panel->plugins([ ApiServicePlugin::make() ])
Config
php artisan vendor:publish --tag=api-service-config
return [ 'navigation' => [ 'token' => [ 'cluster' => null, 'group' => 'User', 'sort' => -1, 'icon' => 'heroicon-o-key' ] ], 'models' => [ 'token' => [ 'enable_policy' => true, ], ], 'route' => [ 'panel_prefix' => true, 'use_resource_middlewares' => false, ], 'tenancy' => [ 'enabled' => false, 'awareness' => false, ] ];
Usage
php artisan make:filament-api-service BlogResource
Since version 3.0, routes automatically registered. it will grouped as '/api/admin'. admin is panelId. to disable panelId prefix, please set route.panel_prefix to false
So, You don't need to register the routes manually.
The routes will be :
On CreateHandler, you need to be create your custom request validation.
Token Resource
By default, Token resource only show on super_admin role. you can modify give permission to other permission too.
Token Resource is protected by TokenPolicy. You can disable it by publishing the config and change this line.
'models' => [ 'token' => [ 'enable_policy' => false // default: true ] ],
Important
If you use Laravel 11, don't forget to run php artisan install:api to publish the personal_access_tokens migration after that run php artisan migrate to migrate the migration, but as default if you run the php artisan install:api it will ask you to migrate your migration.
Filtering & Allowed Field
We used "spatie/laravel-query-builder": "^5.3" to handle query selecting, sorting and filtering. Check out the spatie/laravel-query-builder documentation for more information.
In order to allow modifying the query for your model you can implement the HasAllowedFields, HasAllowedSorts and HasAllowedFilters Contracts in your model.
class User extends Model implements HasAllowedFields, HasAllowedSorts, HasAllowedFilters { // Which fields can be selected from the database through the query string public function getAllowedFields(): array { // Your implementation here } // Which fields can be used to sort the results through the query string public function getAllowedSorts(): array { // Your implementation here } // Which fields can be used to filter the results through the query string public function getAllowedFilters(): array { // Your implementation here } }
Create a Handler
To create a handler you can use this command. By default, i'm using CreateHandler
php artisan make:filament-api-handler BlogResource
or
php artisan make:filament-api-handler Blog
Transform API Response
php artisan make:filament-api-transformer Blog
it will be create BlogTransformer in App\Filament\Resources\BlogResource\Api\Transformers
<?php namespace App\Filament\Resources\BlogResource\Api\Transformers; use Illuminate\Http\Resources\Json\JsonResource; class BlogTransformer extends JsonResource { /** * Transform the resource into an array. * * @param \Illuminate\Http\Request $request * @return array */ public function toArray($request) { return $this->resource->toArray(); // or return md5(json_encode($this->resource->toArray())); } }
next step you need to edit & add it to your Resource
use App\Filament\Resources\BlogResource\Api\Transformers\BlogTransformer; class BlogResource extends Resource { ... public static function getApiTransformer() { return BlogTransformer::class; } ... }
Group Name & Prefix
You can edit prefix & group route name as you want, default this plugin use model singular label;
class BlogApiService extends ApiService { ... protected static string | null $groupRouteName = 'myblog'; ... }
Middlewares
You can add or override middlewares at two specific places. Via the Filament Panel Provider and/or via the Resources $routeMiddleware.
If you set route.use_resource_middlewares to true, the package will register the middlewares for that specific resource as defined in:
class BlogResource extends Resource { ... protected static string | array $routeMiddleware = []; // <-- your specific resource middlewares ... }
Then your API resource endpoint will go through these middlewares first.
Another method of adding/overriding middlewares is via the initialization of the plugin in your Panel Provider by adding the middleware() method like so:
use Rupadana\ApiService\ApiServicePlugin; $panel->plugins([ ApiServicePlugin::make() ->middleware([ // ... add your middlewares ]) ])
Tenancy
When you want to enable Tenancy on this package you can enable this by setting the config tenancy.enabled to true. This makes sure that your api responses only retreive the data which that user has access to. So if you have configured 5 tenants and an user has access to 2 tenants. Then, enabling this feature will return only the data of those 2 tenants.
If you have enabled tenancy on this package but on a specific Resource you have defined protected static bool $isScopedToTenant = false;, then the API will honour this for that specific resource and will return all records.
If you want to make api routes tenant aware. you can set tenancy.awareness to true in your published api-service.php. This way this package will register extra API routes which will return only the specific tenant data in the API response.
Now your API endpoints will have URI prefix of {tenant} in the API routes when tenancy.awareness is true.
It will look like this:
POST api/admin/{tenant}/blog
GET|HEAD api/admin/{tenant}/blog
PUT api/admin/{tenant}/blog/{id}
DELETE api/admin/{tenant}/blog/{id}
GET|HEAD api/admin/{tenant}/blog/{id}
Overriding tenancy ownership relationship name by adding this property to the Handlers protected static ?string $tenantOwnershipRelationshipName = null;
How to secure it?
Since version 3.0, it will automatically detect routes and secure it using sanctum.
To Generate Token, you just need create it from admin panel. It will be Token Resource there.
Public API
Set API to public by overriding this property on your API Handler. Assume we have a PaginationHandler
class PaginationHandler extends Handlers { public static bool $public = true; }
License
The MIT License (MIT).